In computing systems that provide for secure execution, a trusted path from an input device to a destination can still be vulnerable to attack. Trusted path architectures generally provide a secure data pathway from a trusted user input device to a corresponding trusted data sink. One example is a trusted path from a trusted touchscreen sensor to a trusted application (e.g., a protected email client application).
One common vulnerability is an attack on a user via a phishing attack, by shifting input focus to an untrusted application, without the user noticing. As a result, in this type of attack, a user may continue to enter sensitive information (e.g., passwords, personally identifiable information, or other confidential information) that is redirected to a malware component.